Rampant Hackers

Hackers can sometimes catch a bad reputation when in reality they often amount to little more than idealistic youths committing crimes on the level of civil disobedience.

Not the case in the last few weeks however, with a group known as LulzSec, who originated within the ranks of Anonymous, going on a rampage targeting everything and everyone, succeeding in causing devastation and getting away with it.

Apart from the hackers involved with organised crime, who are in it for the money (and don’t get me wrong, there are also a ton of these seedy bastards), many high profile hackers are into what is known as Hacktivism. For example, in Turkey when the government announced plans to introduce internet filtering, hackers banded together to take down the Turkish Government website in protest.

These hacktivists sometimes have the majority support of the people, especially considering our inclination to favour the underdog. There’s nothing more poetic than a David tackling a Goliath for a cause he believes in and winning.

It could be argued among some security professionals that LulzSec are doing the community a favour by hacking into high profile targets. Their list of accomplishments includes targets such as the US Senate, Sony, PBS and Fox, among many more. By hacking into these servers, getting their 5 minutes of fame and not stealing information such as credit cards or national security information, LulzSec are at least bringing attention to the lack of security. Organised criminal hackers and foreign intelligence agencies must be grinding their teeth that these clowns are muddying up the water and disturbing all the fish that would have otherwise been easy pickings.

In the case of Sony however, it appears that someone broke ranks once again, deciding that since they were already into the servers, they might as well steal the credit card information. LulzSec claim this was not their intention, that the information was never going to be stolen, but it appears the damage has already been done. At best, at least it was done in a public manner allowing Visa and Mastercard to cancel the compromised cards.

LulzSec have also decided to bite back at their audience recently, using a very unsophisticated attack called a distributed denial of service (basically flooding sites with so much traffic from a network of compromised PCs that normal traffic cannot get through) on the public entrances to today’s game servers. Games like Minecraft, Eve Online and League of Legends, all favourites of a large majority of the geeks who would support LulzSec, are all down at the time of writing.

Another somewhat hilarious target was a major porn server. LulzSec extracted the emails and passwords of a large number of porn subscribers, many of which were .mil and .gov emails, and by using the same email and password combination were able to log straight into the users’ Facebook accounts and let their friends and family know exactly what they’d been up to. On a more serious note, I bet those .mil and .gov emails used those same credentials (or minor variations of them) to log into the military networks. Don’t put that stuff out on the internet!

The fact is LulzSec have done everything in their power to ensure they are a disliked minority, friend to neither the government nor the people, all the while tweeting their achievements to the world and even taking anonymous VoIP calls, and yet they still continue to operate and even ramp up their operations to even greater levels. Can’t someone stop them?

That appears to be their point: in showing that they have no support from anyone, LulzSec have heightened their own fame (and infamy), bringing the spotlight back onto themselves and individuals instead of some semi-selfless cause à la WikiLeaks. They’re just plain in it for the Lulz and the challenge.

It’ll be interesting to see how this pans out, whether LulzSec finally slip up and get caught, whether government intelligence agencies have already infiltrated the group (considering recent evidence suggests one in four hackers is an FBI mole), or whether they get bored and just fade into oblivion, getting away scot-free after such high profile intrusions.

Time will tell.

Technical Side Note: Evidence suggests LulzSec are using mostly SQL injection attacks, an exploit method that gives an attacker database access through a web application due to oversights by the programmers in validating the input. These could have been easily found and corrected if the organisations involved had just done some Penetration Testing! Your network should be regularly inspected.
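
To make the side note concrete, here is an added example (not from the original post, and not code from any of the organisations mentioned). It shows the programming oversight next to its fix, plus the kind of check a tester would run to find it. The table, the function names and the sample inputs are all constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory table of constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT, password_hash TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice@example.com", "hash-a"), ("bob@example.com", "hash-b")])
    return db

def lookup_concatenated(db, email):
    """The oversight: user input is pasted into the SQL text itself."""
    sql = "SELECT email FROM users WHERE email = '" + email + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, email):
    """The fix: the input is bound as a value and never parsed as SQL."""
    sql = "SELECT email FROM users WHERE email = ?"
    return [row[0] for row in db.execute(sql, (email,))]

def regression_check(db, inputs):
    """Return the inputs for which the concatenated query misbehaves."""
    flagged = []
    for value in inputs:
        safe = lookup_parameterized(db, value)
        try:
            unsafe = lookup_concatenated(db, value)
        except sqlite3.Error:
            flagged.append(value)   # the input broke the SQL syntax
            continue
        if unsafe != safe:
            flagged.append(value)   # the input changed what the query means
    return flagged

# Constructed inputs: an ordinary address, a legitimate address containing
# a quote, and the textbook tautology string.
SAMPLES = ["alice@example.com", "o'brien@example.com", "x' OR '1'='1"]

if __name__ == "__main__":
    for value in regression_check(make_db(), SAMPLES):
        print("concatenated query misbehaves for:", value)
```

The ordinary address passes, while the other two inputs are flagged: one because it breaks the query, the other because it makes the query return every row in the table.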


Kind Regards,
Nick Cooper
